Latest Security News about pre authentication

FiberHome HG2201T Pre-Auth RCE

Overview : FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. Affected Product(s) : FiberHome HG2201T Vulnerability Details : CVE ID : CVE-2019-17187 Incorrect Access Control/Directory Traversal /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. Solution : Apply the vendor Security Patch

Critical authentication bypass vulnerability found in Alfresco Community Edition (CVE-2019-14222)

Critical authentication bypass vulnerability found in Alfresco Community Edition (CVE-2019-14222) An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco’s Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker […]

Cisco announces vulnerabilities

Overview : Cisco Firepower Management Center Remote Code Execution Vulnerability CWE-20 / CVE-2019-12689 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. Cisco Firepower Management Center SQL Injection Vulnerabilities CWE-89 / CVE-2019-12679, […]

Mozilla Firefox Multiple Security Vulnerabilities

Mozilla Firefox was found to be prone to many security vulnerabilities such as :- a)A cross-site vulnerability b)Multiple security bypass vulnerability c)Multiple security vulnerabilities An attacker can take advantage of this issue to bypass their security restrictions to perform unauthorised actions. Ultimately they can even steal cookie based authentication credentials. CVE :- CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 […]